From 749b7a84a0a7f74a3327ecad8110b2806a9d77e6 Mon Sep 17 00:00:00 2001 From: Antoine Ouvrard Date: Thu, 9 Mar 2023 17:27:02 +0100 Subject: [PATCH] readd directory --- ansible-continuous-delivery/.gitignore | 2 + ansible-continuous-delivery/README.md | 52 ++++++++++ ansible-continuous-delivery/ansible.cfg | 5 + .../host_vars/lab-bitbucket-runner/main.yml | 3 + .../host_vars/test-ci-deploy/main.yml | 5 + .../ut3-preprod-zextras-back/main.yml | 7 ++ .../ut3-preprod-zextras-back/vault_vars.yml | 10 ++ .../host_vars/villiers-mig/main.yml | 6 ++ .../host_vars/villiers-mig/vault.yml | 7 ++ .../host_vars/zimbra-lab-antoine/main.yml | 7 ++ ansible-continuous-delivery/inventory | 13 +++ ansible-continuous-delivery/playbook.yml | 44 +++++++++ .../roles/add-user-zextras-ci/files/id_ecdsa | 31 ++++++ .../add-user-zextras-ci/files/id_ecdsa.pub | 1 + .../roles/add-user-zextras-ci/tasks/main.yml | 24 +++++ .../templates/credentials.j2 | 1 + .../roles/install-postgres/handlers/main.yml | 7 ++ .../roles/install-postgres/tasks/main.yml | 99 +++++++++++++++++++ .../install-ruby/tasks/install-ruby-apt.yml | 58 +++++++++++ .../install-ruby/tasks/install-ruby-rh8.yml | 70 +++++++++++++ .../roles/install-ruby/tasks/main.yml | 19 ++++ 21 files changed, 471 insertions(+) create mode 100644 ansible-continuous-delivery/.gitignore create mode 100644 ansible-continuous-delivery/README.md create mode 100644 ansible-continuous-delivery/ansible.cfg create mode 100644 ansible-continuous-delivery/host_vars/lab-bitbucket-runner/main.yml create mode 100644 ansible-continuous-delivery/host_vars/test-ci-deploy/main.yml create mode 100644 ansible-continuous-delivery/host_vars/ut3-preprod-zextras-back/main.yml create mode 100644 ansible-continuous-delivery/host_vars/ut3-preprod-zextras-back/vault_vars.yml create mode 100644 ansible-continuous-delivery/host_vars/villiers-mig/main.yml create mode 100644 ansible-continuous-delivery/host_vars/villiers-mig/vault.yml create mode 100644 ansible-continuous-delivery/host_vars/zimbra-lab-antoine/main.yml create mode 100644 ansible-continuous-delivery/inventory create mode 100644 ansible-continuous-delivery/playbook.yml create mode 100644 ansible-continuous-delivery/roles/add-user-zextras-ci/files/id_ecdsa create mode 100644 ansible-continuous-delivery/roles/add-user-zextras-ci/files/id_ecdsa.pub create mode 100644 ansible-continuous-delivery/roles/add-user-zextras-ci/tasks/main.yml create mode 100644 ansible-continuous-delivery/roles/add-user-zextras-ci/templates/credentials.j2 create mode 100644 ansible-continuous-delivery/roles/install-postgres/handlers/main.yml create mode 100644 ansible-continuous-delivery/roles/install-postgres/tasks/main.yml create mode 100644 ansible-continuous-delivery/roles/install-ruby/tasks/install-ruby-apt.yml create mode 100644 ansible-continuous-delivery/roles/install-ruby/tasks/install-ruby-rh8.yml create mode 100644 ansible-continuous-delivery/roles/install-ruby/tasks/main.yml diff --git a/ansible-continuous-delivery/.gitignore b/ansible-continuous-delivery/.gitignore new file mode 100644 index 0000000..086aee2 --- /dev/null +++ b/ansible-continuous-delivery/.gitignore @@ -0,0 +1,2 @@ +*vault*pass* +.vscode \ No newline at end of file diff --git a/ansible-continuous-delivery/README.md b/ansible-continuous-delivery/README.md new file mode 100644 index 0000000..cc0a6d9 --- /dev/null +++ b/ansible-continuous-delivery/README.md @@ -0,0 +1,52 @@ +# Script Ansible qui permet de préparer des serveurs à recevoir des livraisons automatisées + +cf la [doc confluence sur le sujet de l'industrialisation](https://zextras.atlassian.net/wiki/spaces/ZST/pages/2750939160/Industrialisation) + + +### Comment lancer une execution ? ### + +* Installer ansible sur votre machine + * pour ubuntu 20.04 + ```bash + sudo apt-add-repository ppa:ansible/ansible + sudo apt update + sudo apt install ansible + ``` + + * puis éxecuter à la racine du projet: + `ansible-playbook playbook.yml -i inventory --ask-become-pass --tag zimbra-lab-antoine` + +**EXPLICATION** +`playbook.yml` -> va exécuter l'ensemble des roles définit dans ce fichier +`-i inventory` -> indique quel inventaire utiliser +`--ask-become-pass` -> vous met un prompt pour saisir le mot de passe sudo +`--tag zimbra-lab-antoine` -> permet de ne pas jouer l'ensemble du playbook + +### Comment ajouter un serveur ? ### + +### Ajouter dans l'inventaire +* Ajouter une ligne dans le fichier inventory à la racine du projet pour un serveur + +##### Les paramètres +`ansible_user` -> nom d'utilisateur ssh +`ansible_host` -> hostname ou ip du serveur +`ansible_become=true` -> a ajouter pour indiquer que l'utilisateur n'est pas root, +et doit le "devenir" via un sudo + +### Ajouter dans le playbook +* Appliquer les roles que vous souhaitez appliquer a votre serveur + +#### `add-user-zextras-cd` +Créé un utilisateur "zextras-cd" sur la machine, et pose sa clé publique. +La clé privé est chiffré dans le dépot (../roles/add-user-zextras-cd/files/id_ecdsa) +Le pass pour le déchiffrer est le même que le pass de keepass interne. +Elle peut être fait via `ansible-vault view roles/add-user-zextras-cd/file/id_ecdsa`. +Cet utilisateur sera utilisé par l'outil de déploiement. + +#### `user-zextras-need-restart-apache` +Donne le droit à l'utilisateur "zextras-cd" de `restart` ou `reload` le service Apache +sans mot de passe. + +#### `install-ruby` +Installe le paquet ruby. Compatible pour les gestionnaires de paquets apt, yum et dnf. + \ No newline at end of file diff --git a/ansible-continuous-delivery/ansible.cfg b/ansible-continuous-delivery/ansible.cfg new file mode 100644 index 0000000..12acc51 --- /dev/null +++ b/ansible-continuous-delivery/ansible.cfg @@ -0,0 +1,5 @@ +[defaults] +vault_password_file = vault_passwd ;set l'emplacement du mot de pass principal +stdout_callback = yaml ;améliore la lisibilité des logs d'erreur ansible +allow_world_readable_tmpfiles = true ; autorise les utilisateurs non root a lire le /tmp +timeout = 40 ; les 12secondes par défaut génère parfois des timeout sur certain serveur lent ou avec un résau erratique \ No newline at end of file diff --git a/ansible-continuous-delivery/host_vars/lab-bitbucket-runner/main.yml b/ansible-continuous-delivery/host_vars/lab-bitbucket-runner/main.yml new file mode 100644 index 0000000..7dee6ec --- /dev/null +++ b/ansible-continuous-delivery/host_vars/lab-bitbucket-runner/main.yml @@ -0,0 +1,3 @@ +--- +ruby_version: 2.6.6 +ruby_user: zextras \ No newline at end of file diff --git a/ansible-continuous-delivery/host_vars/test-ci-deploy/main.yml b/ansible-continuous-delivery/host_vars/test-ci-deploy/main.yml new file mode 100644 index 0000000..05bded3 --- /dev/null +++ b/ansible-continuous-delivery/host_vars/test-ci-deploy/main.yml @@ -0,0 +1,5 @@ +--- +db_user: zextras +db_password: xxxxxx +db_name: ruby_app +ruby_version: 2.6.3 diff --git a/ansible-continuous-delivery/host_vars/ut3-preprod-zextras-back/main.yml b/ansible-continuous-delivery/host_vars/ut3-preprod-zextras-back/main.yml new file mode 100644 index 0000000..91348ef --- /dev/null +++ b/ansible-continuous-delivery/host_vars/ut3-preprod-zextras-back/main.yml @@ -0,0 +1,7 @@ +--- +db_user: zextras +db_name: ut3middleware_preprod +https_proxy: http://proxy.univ-tlse3.fr:3128/ +http_proxy: http://proxy.univ-tlse3.fr:3128/ +nodejs_version: 16 +rubygems_version: 3.0.3.1 \ No newline at end of file diff --git a/ansible-continuous-delivery/host_vars/ut3-preprod-zextras-back/vault_vars.yml b/ansible-continuous-delivery/host_vars/ut3-preprod-zextras-back/vault_vars.yml new file mode 100644 index 0000000..a32e142 --- /dev/null +++ b/ansible-continuous-delivery/host_vars/ut3-preprod-zextras-back/vault_vars.yml @@ -0,0 +1,10 @@ +$ANSIBLE_VAULT;1.1;AES256 +66306430613739643837373632356262653538363464333435333466316337353935306264333731 +6134333737653065333230353639656234323130333434660a386266613762353966626462663931 +39383863383335656239376630616464656333326339343063303033313363623633643965646136 +3536356334363663630a333032396338386162626363373436343836623831313864373038393635 +65383936633532626136636331313735343463656635613233303233663166636634613038666131 +38646238363232663665336561633135626438363566396563633331653934663832346332393439 +32353531303035333837363436336530653563666130343865623932626166663365653262363335 +31326339633962326439663531663238663663663365663930633739393532656430373662383935 +64666230313134366431356164353534356436656130323435616530633135663663 diff --git a/ansible-continuous-delivery/host_vars/villiers-mig/main.yml b/ansible-continuous-delivery/host_vars/villiers-mig/main.yml new file mode 100644 index 0000000..30bf1db --- /dev/null +++ b/ansible-continuous-delivery/host_vars/villiers-mig/main.yml @@ -0,0 +1,6 @@ +--- +ansible_password: "{{ vault_ansible_ssh_password }}" +db_user: zextras +db_password: OWFhYmI2ZDA4MzNmNTUxNDUyNjRmZGYz +db_name: zimbra_to_zimbra_production +ruby_version: 2.6.3 diff --git a/ansible-continuous-delivery/host_vars/villiers-mig/vault.yml b/ansible-continuous-delivery/host_vars/villiers-mig/vault.yml new file mode 100644 index 0000000..117857e --- /dev/null +++ b/ansible-continuous-delivery/host_vars/villiers-mig/vault.yml @@ -0,0 +1,7 @@ +$ANSIBLE_VAULT;1.1;AES256 +36386137616563613263356330643763353966316134353534346430626637323238303161383837 +3034633039663565616638616133636464656531373837650a656361343565626330383130313566 +38626663343135343131313930356134626436386261363934613934333464656332343130636565 +3833633139306534370a383230346466666430306637316530306232663761663330343262616432 +37643231316633343730663639306431323033313462623836656366396666303335303566373466 +6466313731666663643261613032373138653530326333363234 diff --git a/ansible-continuous-delivery/host_vars/zimbra-lab-antoine/main.yml b/ansible-continuous-delivery/host_vars/zimbra-lab-antoine/main.yml new file mode 100644 index 0000000..1bd6c01 --- /dev/null +++ b/ansible-continuous-delivery/host_vars/zimbra-lab-antoine/main.yml @@ -0,0 +1,7 @@ +--- +ansible_become_pass: tototititata +db_user: zextras +db_password: xxxxxx +db_name: ruby_app +nodejs_version: 12 +ruby_version: 2.6.3 \ No newline at end of file diff --git a/ansible-continuous-delivery/inventory b/ansible-continuous-delivery/inventory new file mode 100644 index 0000000..e1eea77 --- /dev/null +++ b/ansible-continuous-delivery/inventory @@ -0,0 +1,13 @@ +[test] +zimbra-lab-antoine ansible_user=antoine ansible_host=192.168.73.63 ansible_become=true +test-ci-deploy ansible_user=zextras ansible_host=192.168.73.106 ansible_become=true ansible_become_pass='Zimbra to Zimbra' + +ut3-preprod-zextras-back ansible_become=true +lab-bitbucket-runner ansible_user=zextras ansible_host=192.168.73.102 +zsm-prod ansible_user=antoine.ouvrard ansible_host=15.188.172.250 ansible_become=true + +[need_ub18] +villiers-mig ansible_user=adminzextras ansible_host=172.18.11.57 ansible_become=true + +[need_ub18:vars] +ansible_ssh_common_args='-J super@192.168.73.37' \ No newline at end of file diff --git a/ansible-continuous-delivery/playbook.yml b/ansible-continuous-delivery/playbook.yml new file mode 100644 index 0000000..9103cbd --- /dev/null +++ b/ansible-continuous-delivery/playbook.yml @@ -0,0 +1,44 @@ +--- +- name: Prépare le serveur zimbra-lab-antoine pour recevoir des déploiements ruby + hosts: zimbra-lab-antoine + tags: zimbra-lab-antoine + roles: + - role: add-user-zextras-ci + - role: install-ruby + - role: install-postgres + +- name: Prépare le serveur zsm-prod pour recevoir des déploiements ruby + hosts: zsm-prod + tags: zsm-prod + roles: + - role: add-user-zextras-ci + - role: install-ruby + +- name: Prépare le serveur PP UT3 pour recevoir des déploiements ruby + hosts: ut3-preprod-zextras-back + tags: ut3-preprod-zextras-back + roles: + - role: install-postgres + - role: install-ruby + +- name: Prépare le runner bitbucket a build des app ruby + hosts: lab-bitbucket-runner + tags: lab-bitbucket-runner + roles: + - role: install-ruby + +- name: Migration villiers94 + hosts: villiers-mig + tags: villiers-mig + roles: + - role: add-user-zextras-ci + - role: install-ruby + - role: install-postgres + +- name: Prépare le serveur test-ci-deploy pour recevoir des déploiements ruby + hosts: test-ci-deploy + tags: test-ci-deploy + roles: + - role: add-user-zextras-ci + - role: install-ruby + - role: install-postgres diff --git a/ansible-continuous-delivery/roles/add-user-zextras-ci/files/id_ecdsa b/ansible-continuous-delivery/roles/add-user-zextras-ci/files/id_ecdsa new file mode 100644 index 0000000..7e538d0 --- /dev/null +++ b/ansible-continuous-delivery/roles/add-user-zextras-ci/files/id_ecdsa @@ -0,0 +1,31 @@ +$ANSIBLE_VAULT;1.1;AES256 +64363561373735623361616233656633386661313465633163623532393764303732343236646236 +6132643166626431356131653334343136353234363166640a396331306635336565393062643834 +34643165633463353865393464326262643766393366373261376536373533313365343666386436 +3134363764376532630a643932346134353235636632326365346464336464353932623063613334 +65663665396465633230643761313831393963653639653063666565306131656465313862623663 +33626139643630386562643166363232343130663566383634633161306235313536363561613963 +64666636316365393264613732633235306633353861613035306264356631643434323737393132 +61623433303063376330303736313337316563353338353835633465646333623435326139336138 +35303462316134343031373030323232383765313765393334343135666666356162386463333561 +34396433616638613834636164366666613366666237343563653466336137623766333633363765 +66623464333335396632366661623262393037656665333862663339653835613063336633616263 +64353033313239393730376332366163363332646439393763343665613739393566626538653663 +66353561303963353437646636363938616661613366353633303736396266616366626430336165 +38643035346539343931653335343933366265373735643437363433336564386265316232383564 +38353439346539653439353439616663333162383438643730653430646430386331646566373930 +65373065386266373434616161636531363264623133346238336664346535633033353033633634 +65386639376635623165633936373539633231626630366663623432383430626662333264396333 +34643132333832343437363634363232303035326131303264373137343866353836663466343662 +35356332323930353531393761386130396631633439393336353763623939373866386263313266 +61616165306163653436636163623935343037613563653261313236326538346534653433323237 +61333861636262613463656236663133313239326364653130656161353537623363643033353862 +39383239613538646263623864353635666530353263653430326566383564643534383264356639 +35633539613365346461336430376365623338333738616333346431383166366135386339623233 +62313535616139626138656631666531376336303935623562316366316564386137666631393539 +63396363643961616533376633373333646562336135353766326436623531323531353832346439 +39366232663862346235656331306464383965386262313762636263626539646230646133613139 +33306434616163373939633130313936383839373863393836633266313032356562333134383339 +33363433366438313239616365643334633937393830656264323438336138336136323261396464 +64396531366665353331656663653932623334323630653239653935653234333137346238356335 +3865346663396239643135383137386436663562323338373565 diff --git a/ansible-continuous-delivery/roles/add-user-zextras-ci/files/id_ecdsa.pub b/ansible-continuous-delivery/roles/add-user-zextras-ci/files/id_ecdsa.pub new file mode 100644 index 0000000..3edbd37 --- /dev/null +++ b/ansible-continuous-delivery/roles/add-user-zextras-ci/files/id_ecdsa.pub @@ -0,0 +1 @@ +ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCFfpwmFAsb9j0TovgvNSDXPzewLBrpZsOSpFuCU82fPBNoIq0JjFUPydtQH7x2Ft1C8Q1Uoph27QIKFLI6Ro+M= zextras-ci diff --git a/ansible-continuous-delivery/roles/add-user-zextras-ci/tasks/main.yml b/ansible-continuous-delivery/roles/add-user-zextras-ci/tasks/main.yml new file mode 100644 index 0000000..79fba81 --- /dev/null +++ b/ansible-continuous-delivery/roles/add-user-zextras-ci/tasks/main.yml @@ -0,0 +1,24 @@ +--- +- name: Add specific zextras-ci account + ansible.builtin.user: + name: zextras-ci + shell: /bin/bash + +- name: Set SSH key + ansible.posix.authorized_key: + user: zextras-ci + state: present + key: "{{ lookup('file', '../files/id_ecdsa.pub') }}" + +- name: Add environnement variable for systemd --user management + ansible.builtin.lineinfile: + path: /home/zextras-ci/.bashrc + line: 'export XDG_RUNTIME_DIR=/run/user/$(id -u $USER)' + +- name: Set credentials file + ansible.builtin.template: + src: credentials.j2 + dest: /home/zextras-ci/credentials + owner: zextras-ci + group: zextras-ci + mode: 0600 diff --git a/ansible-continuous-delivery/roles/add-user-zextras-ci/templates/credentials.j2 b/ansible-continuous-delivery/roles/add-user-zextras-ci/templates/credentials.j2 new file mode 100644 index 0000000..eeb78af --- /dev/null +++ b/ansible-continuous-delivery/roles/add-user-zextras-ci/templates/credentials.j2 @@ -0,0 +1 @@ +DATABASE_PASSWORD={{ db_password }} \ No newline at end of file diff --git a/ansible-continuous-delivery/roles/install-postgres/handlers/main.yml b/ansible-continuous-delivery/roles/install-postgres/handlers/main.yml new file mode 100644 index 0000000..161bcc4 --- /dev/null +++ b/ansible-continuous-delivery/roles/install-postgres/handlers/main.yml @@ -0,0 +1,7 @@ +--- +- name: Restart postgres + ansible.builtin.systemd: + name: postgresql + state: restarted + daemon_reload: true + enabled: true diff --git a/ansible-continuous-delivery/roles/install-postgres/tasks/main.yml b/ansible-continuous-delivery/roles/install-postgres/tasks/main.yml new file mode 100644 index 0000000..7a80045 --- /dev/null +++ b/ansible-continuous-delivery/roles/install-postgres/tasks/main.yml @@ -0,0 +1,99 @@ +--- +- name: Vérification de la présence des paramètres d'entrées dans les variables + ansible.builtin.fail: + msg: | + La variable {{ item }} est obligatoire pour utiliser le role. + Veuillez la renseigner dans le dossier host_vars. + when: + - item is not defined + loop: + - db_user + - db_password + - db_name + +- name: Apt Update and Install Postgres + ansible.builtin.apt: + update_cache: true + name: + - postgresql + - acl + - python3-psycopg2 + state: present + when: ansible_pkg_mgr == "apt" + +- name: Yum Update and Install Postgres + ansible.builtin.yum: + update_cache: true + name: + - postgresql + - postgresql-server + - postgresql-contrib + - acl + - python3-psycopg2 + state: present + when: ansible_pkg_mgr == "yum" + +- name: Dnf Update and Install Postgres + ansible.builtin.dnf: + update_cache: true + name: + - postgresql + - postgresql-server + - postgresql-contrib + - acl + - python3-psycopg2 + state: present + when: ansible_pkg_mgr == "dnf" + +- name: Yum/Dnf management + when: ansible_pkg_mgr == "dnf" or ansible_pkg_mgr == "yum" + block: + - name: Find out if PostgreSQL is initialized + ansible.builtin.stat: + path: "/var/lib/pgsql/data/pg_hba.conf" + register: postgres_data + + - name: Init database only for Yum/Dnf OS + ansible.builtin.command: /usr/bin/postgresql-setup --initdb + when: not postgres_data.stat.exists + +- name: Start and enable services + ansible.builtin.service: + name: postgresql + state: started + enabled: true + +- name: Create db user + community.postgresql.postgresql_user: + state: present + name: "{{ db_user }}" + password: "{{ db_password }}" + role_attr_flags: CREATEDB + become: true + become_user: postgres + +- name: Allow md5 connection for the db user + community.postgresql.postgresql_pg_hba: + dest: "/etc/postgresql/12/main/pg_hba.conf" + contype: host + databases: all + method: md5 + users: "{{ db_user }}" + create: true + become: true + become_user: postgres + notify: Restart postgres + when: ansible_pkg_mgr == "apt" + +- name: Allow md5 connection for the db user + community.postgresql.postgresql_pg_hba: + dest: "~/data/pg_hba.conf" + contype: host + databases: all + method: md5 + users: "{{ db_user }}" + create: true + become: true + become_user: postgres + notify: Restart postgres + when: ansible_pkg_mgr == "dnf" or ansible_pkg_mgr == "yum" diff --git a/ansible-continuous-delivery/roles/install-ruby/tasks/install-ruby-apt.yml b/ansible-continuous-delivery/roles/install-ruby/tasks/install-ruby-apt.yml new file mode 100644 index 0000000..bbe83dd --- /dev/null +++ b/ansible-continuous-delivery/roles/install-ruby/tasks/install-ruby-apt.yml @@ -0,0 +1,58 @@ +--- +- name: Install prerequis + ansible.builtin.apt: + name: + - build-essential + - libz-dev + - libreadline-dev + - nodejs + - nginx + state: present + +- name: Become zextras-ci user + become: true + become_user: zextras-ci + block: + - name: Find out if ruby is initialized + ansible.builtin.stat: + path: /home/zextras-ci/.rbenv/versions/{{ ruby_version }} + register: ruby_version_install + + - name: Get rbenv from github + ansible.builtin.git: + repo: https://github.com/sstephenson/rbenv.git + dest: /home/zextras-ci/.rbenv + single_branch: true + version: master + when: not ruby_version_install.stat.exists + + - name: Get ruby build plugin for rbenv from github + ansible.builtin.git: + repo: https://github.com/sstephenson/ruby-build.git + dest: /home/zextras-ci/.rbenv/plugins/ruby-build + single_branch: true + version: master + when: not ruby_version_install.stat.exists + + - name: Install ruby with rbenv + ansible.builtin.command: /home/zextras-ci/.rbenv/bin/rbenv install {{ ruby_version }} + when: not ruby_version_install.stat.exists + + - name: Init rbenv in bashrc + ansible.builtin.lineinfile: + path: /home/zextras-ci/.bashrc + line: 'eval "$(/home/zextras-ci/.rbenv/bin/rbenv init - bash)"' + + - name: Get setup version of ruby + ansible.builtin.command: /home/zextras-ci/.rbenv/bin/rbenv global + register: ruby_version_set + changed_when: false + check_mode: false + + - name: Set version ruby with rbenv + ansible.builtin.command: /home/zextras-ci/.rbenv/bin/rbenv global {{ ruby_version }} + when: not ruby_version_set.stdout == ruby_version + + - name: Install bundler + ansible.builtin.command: /home/zextras-ci/.rbenv/versions/{{ ruby_version }}/bin/gem install bundler + when: not ruby_version_set.stdout == ruby_version diff --git a/ansible-continuous-delivery/roles/install-ruby/tasks/install-ruby-rh8.yml b/ansible-continuous-delivery/roles/install-ruby/tasks/install-ruby-rh8.yml new file mode 100644 index 0000000..596db19 --- /dev/null +++ b/ansible-continuous-delivery/roles/install-ruby/tasks/install-ruby-rh8.yml @@ -0,0 +1,70 @@ +--- +- name: Add nodejs repo + ansible.builtin.copy: + dest: "/etc/dnf/modules.d/nodejs.module" + content: | + [nodejs] + name=nodejs + stream={{ nodejs_version }} + profiles= + state=enabled + mode: 0644 + owner: root + +- name: Add yarn repo + ansible.builtin.copy: + dest: "/etc/yum.repos.d/yarn.repo" + content: | + [yarn] + name=Yarn Repository + baseurl=https://dl.yarnpkg.com/rpm/ + enabled=1 + gpgcheck=1 + gpgkey=https://dl.yarnpkg.com/rpm/pubkey.gpg + mode: 0644 + owner: root + +- name: Import yarn GPG signature + ansible.builtin.rpm_key: + key: https://dl.yarnpkg.com/rpm/pubkey.gpg + environment: + https_proxy: "{{ https_proxy }}" + +- name: Install packages + ansible.builtin.dnf: + update_cache: true + state: present + name: + - "@ruby:2.6" + - bison + - bzip2 + - curl + - gcc-c++ + - git + - libcurl-devel + - libffi-devel + - libpq + - libpq-devel + - libtool + - libyaml + - make + - nodejs + - openssl-devel + - patch + - readline + - readline-devel + - redhat-rpm-config + - ruby-devel + - yarn + - zlib + - zlib-devel + +- name: Execute gem command + ansible.builtin.command: + gem install bundler + environment: + https_proxy: "{{ https_proxy }}" + changed_when: false + check_mode: false + become: true + become_user: zextras-ci diff --git a/ansible-continuous-delivery/roles/install-ruby/tasks/main.yml b/ansible-continuous-delivery/roles/install-ruby/tasks/main.yml new file mode 100644 index 0000000..60e17a9 --- /dev/null +++ b/ansible-continuous-delivery/roles/install-ruby/tasks/main.yml @@ -0,0 +1,19 @@ +--- +- name: Vérification de la présence des paramètres d'entrées dans les variables + ansible.builtin.fail: + msg: | + La variable {{ item }} est obligatoire pour utiliser le role. + Veuillez la renseigner dans le dossier host_vars. + when: + - item is not defined + loop: + - nodejs_version + - ruby_version + +- name: Install packages for RH8 + ansible.builtin.include_tasks: install-ruby-rh8.yml + when: (ansible_facts['os_family'] == "RedHat" and ansible_facts['distribution_major_version'] == 8) + +- name: Install packages for Debian/Ubuntu + ansible.builtin.include_tasks: install-ruby-apt.yml + when: ansible_pkg_mgr == "apt"